At The Red Guild, we share periodic public updates on what we've done, what we're up to, and what's to come. This helps us stay accountable and committed to our work while we open ourselves to the community.

In case you missed the last one, you can find all our updates here:

updates - The Red Guild

All updates from The Red Guild in a single place.

The Red Guild

There's so much to share in this update. We know we've been quiet for a while. But quiet is not dormant. On the contrary, the last months at The Red Guild have been full of writing, coding, shipping, presenting, designing, networking, expanding, travelling, and a big etc.

We should've posted more updates on the blog. Though we prioritized other work, and ended up falling short at sharing our progress with you all, as we're known for. In any case, here we are!

Today's update sums up everything we've accomplished since March 🙀 including:

• The Phishing Dojo
• Team & Collaborators
• Identity & Design
• Events
• Ecosystem Support
• Leading Frameworks at SEAL

and more on latest articles, tooling and Damn Vulnerable DeFi. Closing, as usual, with what's to come! 🏃

The Phishing Dojo

The elephant in the room. The most likely cause of all our delays sharing this update with you.

We first introduced The Phishing Dojo to the community at Devcon 2024, where we had an early demo of our grand vision of an advanced training platform to educate users and developers in the most notorious threats facing crypto these days.

All the incredible feedback we got from the community pushed us to double-down on this project. For the last 6 months we've been heads down turning The Phishing Dojo into what's to be the first and most sophisticated threat simulation platform in the crypto ecosystem.

We set out to ship it just in time for ETHCC, which we did! 🎉

Launching this new version of The Phishing Dojo at ETHCC was no small feat for a team of not three, but two and a half people. There's been tons of learning in the process of going from the early Devcon version to this latest beta version that includes:

• User registrations – also catering for anonymous users who may sign-up and save their progress later
• Personal dashboard
• Progress tracking – for yourself or your team
• Support for trainings with multiple modules, each consisting of interactive challenges + multimedia content (videos, slides, text, etc)
• Admin dashboard for creation of challenges, team management, and full customization of training

With this beta version out in the streets, we'll continue gathering users' feedback and improving the maturity and stability of the platform. Only then will we continue expanding for more training, scenarios, and lots of cool features we've got in the roadmap.

Team & collaborators

Even if we intend The Red Guild to remain small and focused, we do want to grow our team to bring special skills our original members might not have.

In that line, @tebayoso has joined us as a part-time lead product developer at The Red Guild, bringing all his experience in software engineering to turn The Phishing Dojo into the first threat simulation platform for the crypto ecosystem.

Working in tandem with our graphic designer, we've also got a new front-end developer contributing to bringing the new identity to life in our sites.

For some time, we entertained the idea of bringing an intern into the Guild, supported by the latest sponsored internships program by the Ethereum Foundation. But after some back and forth as we aligned expectations, we ended up withdrawing our application. We've come to the conclusion that we're still a small team without enough capacity to support an intern fully. We'll reconsider in the future!

Identity & design

Some months ago, we started working with a new designer to revamp our whole visual identity. After some iterations, it looks like we're getting there!

Taking advantage of the brand's overhaul, we've completely redesigned our landing page. Have you checked it yet? Here's a quick snippet:

The Red Guild

The Red Guild (TRG) advances security, education, and open-source tools in the crypto ecosystem. Challenges, resources, and audits for the community.

In the meantime, we continue giving away our swag at all events we attend. Find us if you'd like some cool stickers and shirts!

Events

We've organized, supported, and/or participated in a handful of outstanding events. Needless to say, this involves not only just showing up to do a talk. We take our public appearances seriously. We aim for the content we deliver to be as fresh and up-to-date as possible for each occasion.

So all of these involved planning, researching, consuming and digesting tons of information from talks, articles, threads, then brainstorming ideas, coming up with new ways of presenting them to the audience, and finally putting together slides and making a cool script for the talk (leaving some space for randomness and impro 🧑‍🎤).

+100 builders @ Blockchain Tandil

During May, we helped organize, coordinate, and participate in Blockchain Tandil. A local event in the city of Tandil (Argentina) where over +100 builders gathered to learn about blockchain technologies and the Ethereum ecosystem.

We'll let these pics and videos speak for themselves:

Email Phishing @ Ethereum Argentina

In June, we had @tebayoso presenting parts of The Phishing Dojo and its importance for the ecosystem in Ethereum Argentina, particularly focusing on the detection of phishing emails.

Here's the talk's video in Spanish, where we go over the most common threats and then close with some realistic examples using an older version of The Phishing Dojo:

It's so cool to see how much the Dojo has changed, only since June, when tebayoso shared it in Ethereum Argentina! It's evolving really fast ⚡🥋

Detecting phishing threats @ ETHBelgrade

In June, @tinchoabbate presented a 30-minute talk at ETHBelgrade, doing a deep dive into the most notorious phishing, scam, and social engineering threats going on in crypto right now.

It was great to meet and connect with Serbia's crypto community. It did feel like LATAM in many ways. We look forward to continuing to collaborate! The talk's video is not uploaded yet - we'll share it when it is. So, subscribe 👇

OpSec with Attack Trees @ DSS Webinar

In June, we also saw @mattaereal deliver a presentation in the DSS Webinar. He shared practical ways to start thinking about your operational security today, using attack trees as a tool to understand how to mitigate criminals' intentions to fulfill their objectives.

Don't know anything about opsec? Never heard of attack trees? That's your talk! ☝️

ETHCC

In the last update we shared that we'd be presenting a few talks at ETHCC. We promised, we delivered 😄

Practical Phishing Detection with The Phishing Dojo

In this workshop at ETHCC, matta and tincho briefly shared their view on the state of crypto threats when it comes to phishing, scams, impersonations, social engineering, and other tactics attackers are using to target us all every day.

After a short talk, they introduced the latest beta version of The Phishing Dojo and let the attendees face many of the threats by themselves.

Don't miss the presentation's intro talk and the ending - that should give you a clear idea of the key features and vision for our Dojo.

Thanks to everyone who joined us in the workshop! You were brave enough to be part of the first batch of beta users of The Phishing Dojo 💪 We got amazing feedback to take back home and continue improving it.

Physical and Operational Security 101

Representing SEAL, during the first day of ETHCC, we delivered a workshop about operational security while traveling. With a highlight for high-profile targets and also some specific suggestions for France.

The contents were based on the Security Frameworks, an initiative led by matta as part of the work that we do for the Security Alliance.

The workshop consisted of a walkthrough of attack trees, similar to the webinar we mentioned earlier, plus an explanation of the contents of the initial draft of the Travel Guide we're going to introduce later on in this post.

The key difference in this approach was that we left a lot of space for Q&A, and we even handed out printed copies of a TL;DR of the entire presentation.

Ecosystem support

In the last months, we've also continued contributing, in different capacities and roles, to many impactful initiatives in the ecosystem.

Nodo Serrano

A few months ago, motivated by the low amount of events happening outside of Buenos Aires City, in a first approach to decentralize knowledge, we decided to kickstart a new – now the only and first – community hub in Tandil to unite users and builders who want to push the Ethereum ecosystem forward with us 💪

We will describe more about the origins, our relationship, and the need for Nodo Serrano in the future. On July 30th, we expect to launch the physical space and, at the same time, celebrate Ethereum's 10th anniversary by playing Ethereum's recently released documentary, for anyone who wants to join us in conversation.

Nodo Serrano's first interaction with the local community was through a close collaboration with @SEEDLatam, and many other local communities representing builders from Argentina and LATAM.

Now go follow @NodoSerrano, and expect fresh news soon!

ETHRangers

This is an initiative spearheaded by the Ethereum Foundation that we've helped organize and coordinate. Its ultimate goal is supporting people in the ecosystem that contribute to public good initiatives in the security realm. The first batch of rangers has already been selected and is making progress towards each project's goals!

ETH Rangers

Incentivizing Public Goods Security Work for the Ethereum EcosystemWe offer stipends to support individuals dedicating time to working on public goods security efforts within the Ethereum ecosystem. P

The Network for Onchain Communities

Our role might have started as co-creators of the initiative with responsibilities such as doing the curation, but ended up pivoting to a leadership role throughout the program, assisted mainly by the EF.

We are not far away from seeing the first milestones of the first batch of rangers. We expect this to bring a particular kind of continuity to the initiative the following year.

Wranglers at Mozilla Festival 2025

As wranglers, we're part of a diverse team collaborating with the organizers in curating content and bringing crypto-related topics to the event. As you can imagine, bridging the gap between the "traditional" world and crypto security is proving to be quite challenging. Regardless, we're participating in the meetings and discussions and sharing our views as the festival gets closer and closer!

Mozilla Festival 2025

For 15 years, Mozilla Festival has been the home for big ideas, bold conversations, and the movement for a better internet. From November 7th to 9th, we’re bringing that energy back to Barcelona, and you’re invited to be a part of it.

Mozilla Festival (www.mozillafestival.org)

This year's topic is Unlearning. The dynamics withing this organization are unlike anything we've ever experienced while doing these kind of collaborations – remember that we have a strong background on events coordination and content creation. Still, we're convinced that with our influence and presence we're already making a difference.

We pushed harder – literally almost wrote an essay – to justify why most of the topics should be open to receive submissions about possible applications on blockchain technologies and their responsible use. We even created the track "Unlearning Security" in order to advocate for security-by-default, and we've been proactively, notably, and visibly participating in it.

At the same time, we reached out to several Ethereum communities in LATAM, Security Alliance's peers, Ethereum Foundation, and others to submit content in order to grow our presence. Although we don't have a say in all tracks, we hope everyone who answered our call and contributed gets a chance to participate and share their expertise.

So maybe... we'll see you there before DevConnect? 👀🦊

DeFi Security Summit

We've accepted the invitation to be part of this year's DSS steering committee.

Proud to be part of such team, and looking forward to contributing with all we can to making DSS in Argentina, during Devconnect, a memorable event.

Security Alliance (SEAL)

Security Frameworks: official launch

A few updates ago, we were using mysterious phrases to say that we were working on things that weren't public yet. Later, we revealed Frameworks as part of these things, but that was just the beginning!

Today, SEAL's Security Frameworks is an official initiative, and because of this, the community-led initiative started getting more traction.

After recent in-depth technical conversations with top SEAL members and contributors, the initiative will undertake a comprehensive restructuring, including changes to current strategies, taxonomy, and any type of content you may encounter.

Today, the initiative hosts different formats of styling information, and that is a direct consequence of trying to satisfy the ecosystem's needs. Where would you include a guide to mitigate DPRK tactics based on Zoom meetings? In a mere blog post that will get outdated, hard to find, and away from community contributions? That's exactly why Frameworks exist, although we're still thinking if 'Frameworks' is the correct word to describe them.

In short, we've now narrowed-down content categories to:

• Benchmarks: reference metrics or standards to measure performance.
• Playbooks: step-by-step actions to respond to specific situations.
• Practical Guides: how-to instructions for implementation or execution.
• Maturity Models: frameworks to assess and improve capability over time through levels.

We expect, in the following months, through the coordination of a focus group of SEALs and interested parties, to steer this initiative into a brighter future.

Operational Security: Travel Guide

Speaking about frameworks, we pushed a first draft of key considerations to bear in mind while traveling.

This was inspired by the need for written content to be later used for ETHCC's operational security workshop.

The content is to be updated and improved, focusing on the rationale behind each decision and how it might vary depending on your profile. Today's structure presents:

• What you need to know before traveling
• What to do and what not to do while you're there
• What to do afterwards

It also features a dedicated section for high-profile individuals and anyone crossing borders.

Latest articles

One Time Pwnage: advisory on SLOVENLY COMET

This yet-to-be-told story has almost everything, and it apparently has no clear ending, but this is how Opsek and The Red Guild discovered a threat actor intercepting SMS gateways in Argentina, targeting individuals within the ecosystem.

One Time Pwnage: advisory on SLOVENLY COMET

In an effort led by The Red Guild and Opsek, the Security Alliance (SEAL) has released a public security advisory on a recent compromise within some SMS gateway providers.

The Red Guildtincho

The TL;DR is that upon several requests from an Argentinian local community to research what appeared to be telegram account takeovers, we ended up uncovering something more worrisome. A threat actor was using a Telegram bot to interact with access they had into at least one SMS gateway provider to intercept 2FA and OTP tokens from all known service providers: from iCloud, to Google, MercadoLibre, local banks, and even the Argentinian digital ID MiArgentina.

To date, we still have our doubts that this has stopped, or it appears to be another group targeting Telegram accounts.

You'd wonder why Telegram accounts and not the rest. The answer might not surprise you if you're security-savvy. Most people don't have their Telegram passwords enabled (their confusing way to say 2FA), so they make for an easy target to hijack an account. Since they don't have encryption by default, anyone can go through all your messages and see if you've shared something sensitive to exploit later. As well as detect whether you've chatted with bots that act as crypto wallets too (like BONKBot, for example).

This is a friendly reminder to be careful with what recovery alternatives you choose, especially when it comes to SMS, which you should not depend on at all.

The Custodial Stablecoin Rekt Test

Remember The REKT Test that Trail of Bits launched almost two years ago? Well, recently they released a new version, given the need to understand security risks for stablecoin issuers and their users.

We're proud to have collaborated on this effort, providing feedback and reviewing the test, earning us a public shout-out from Ben! ⭐

The Custodial Stablecoin Rekt Test

Introducing the Custodial Stablecoin Rekt Test; a new spin on the classic Rekt Test for evaluating the security maturity of stablecoin issuers.

The Trail of Bits BlogBenjamin Samuels

Tooling

By now, you should know The Red Guild maintains a devcontainer for development and security work in crypto:

GitHub - theredguild/devcontainer: The Red Guild’s devcontainer focused in web3 and security.

The Red Guild’s devcontainer focused in web3 and security. - theredguild/devcontainer

GitHubtheredguild

In ETHBelgrade we met Raoul, who shared with us an awesome spin-off of The Red Guild's devcontainer! It's called solarspace.dev:

Solar Space

In essence, Solar Spaces are regular GitHub repositories with a special devcontainer. You can work on your repository by cloning it locally or by opening it in a GitHub Codespace. In addition to the devcontainer, solarspace.dev provides smart URLs that make it easy to create and share your workspace with others.

We're proud to see our work being expanded by others in the community. Big shout-out to Raoul for his work. Definitely go check it out ☀️

Damn Vulnerable DeFi

Damn Vulnerable DeFi continues to be one of the most renowned set of challenges and educational resources to onboard people to smart contract security. Although we're not actively adding new challenges, we're always keeping an eye on community feedback.

That's why we released a new minor version, with some quality-of-life changes and bug fixes that should improve the overall experience, keeping the challenges fresh and entertaining.

Release v4.1.0 · theredguild/damn-vulnerable-defi

New minor release with small fixes, updates in dependencies, and changes in Wallet Mining challenge. See CHANGELOG.md for more details.

GitHubtheredguild

Future grants

The last months also found us thinking and exploring new alternatives to organize and structure The Red Guild as we continue to evolve. The ecosystem keeps changing around us, so we need to be constantly adapting our ways to engage with the key actors that contribute to keeping our organization afloat with grants.

In that sense, we've submitted a proposal for a new grant with the Ethereum Foundation's ESP team. In it, we presented a novel structure for our team and initiatives. The goal being to enable us widen and deepen our impact, by leveraging the special skills of satellite, temporary collaborators. We'll keep you posted on how it goes!

What's next?

• Continue sharing the beta version of The Phishing Dojo, incorporating user feedback, and improving the platform's stability. In parallel, we're already devising new scenarios to simulate latest threats on public repositories, blind signing, hardware wallets, and multisigs.
• On the design front, we'll be further developing the Dojo's visual identity in boards and brainstorming sessions to then translate those ideas to the actual UI and UX of the platform.
• Start consolidating team and plans for Devconnect 2025. Big things are cooking! Maybe a security awareness campaign? Who knows 🫢
• Keep participating in the discussions and organization of the Mozilla Festival as wranglers.
• Keep coordinating the Ethereum Rangers program. We're reaching the deadline for the first milestone!
• Take SEAL's Frameworks to the next level with the help of a collaborator's focus group to better define its future.